A critical remote code execution (RCE) vulnerability, CVE-2024-44308, has been identified in Apple Safari, which affects several Apple platforms, including iOS, iPadOS, macOS, and visionOS. The vulnerability is located in the JavaScriptCore component of WebKit, and it enables attackers to execute arbitrary code by exploiting maliciously crafted web content. The issue stems from a register corruption in WebKit’s DFG JIT compiler, particularly linked to the improper allocation timing of the scratch2GPR register. This flaw can lead to severe security risks, including system compromise, unauthorized access, and potential data theft.
The vulnerability has been actively exploited, with reports indicating that it is being used in targeted operations, particularly against Intel-based Mac systems. Google’s Threat Analysis Group (TAG) discovered and reported the flaw, highlighting the seriousness of the threat. As the flaw affects widely used Apple platforms, including those used for business, education, and personal computing, it has the potential to compromise sensitive data across numerous sectors. Experts believe that the targeted nature of the exploit indicates that it may be part of advanced cyberattacks aimed at specific users or organizations.
In response, Apple has released patches for the affected platforms to address the vulnerability. The updates include Safari 18.1.1, iOS 17.7.2, iPadOS 17.7.2, macOS Sequoia 15.1.1, and visionOS 2.1.1. These updates incorporate improved checks in WebKit to prevent the malicious exploitation of the flaw. Security experts have strongly recommended that users immediately update their devices to the latest software versions to mitigate potential risks associated with this vulnerability. The urgency of the updates is underscored by the high CVSS score of 8.8, reflecting the potential severity and impact of the vulnerability.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included CVE-2024-44308 in its Known Exploited Vulnerabilities Catalog, urging users and organizations to patch affected systems by December 12, 2024. As Mac-based attacks continue to rise, especially with a surge in macOS malware targeting cryptocurrency businesses, the need for stronger security measures has never been more critical. Organizations, particularly those handling sensitive data, are encouraged to implement proactive security strategies, including timely updates and employee awareness training. The discovery and exploitation of this flaw underscore the growing need for enhanced vigilance in securing Apple devices against increasingly sophisticated threats.
Reference:
